package com.github.wendao76.spb.admin.config;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

/**
 * @author wendao76
 * @version 1.0
 * @description 类描述信息
 * @className SecuritySecureConfig
 * @date 2021-6-3 10:17
 */

@Configuration
public class SecuritySecureConfig extends WebSecurityConfigurerAdapter {

	private final String adminContextPath;

	public SecuritySecureConfig(AdminServerProperties adminServerProperties) {
		this.adminContextPath = adminServerProperties.getContextPath();
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		// @formatter:off
		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
		successHandler.setTargetUrlParameter( "redirectTo" );

		http.authorizeRequests()
		  .antMatchers( adminContextPath + "/assets/**" ).permitAll()
		  .antMatchers( adminContextPath + "/login" ).permitAll()
		  .anyRequest().authenticated()
		  .and()
		  .formLogin().loginPage( adminContextPath + "/login" ).successHandler( successHandler ).and()
		  .logout().logoutUrl( adminContextPath + "/logout" ).and()
		  .httpBasic().and()
		  .csrf().disable();
		// @formatter:on
	}
}
